Saturday, January 7, 2012

Domain client configuration

[root@localhost named]      rpm -qa ypbind
[root@localhost named]      rpm -ivh ypbind
[root@localhost named]      rpm -ivh portmap
[root@localhost named]      rpm -ivh ypserver
[root@localhost named]      authconfig-tai
domain name or sever name & server IP
[root@localhost named]      getent passwd username ( to check)
[root@localhost named]      vim /etc/auto.master
/disc /etc/auto.disc
/home /etc/auto.home
save & exit
[root@localhost named]      vim /etc/auto.home
* -fstype=nfs domainIP:/home/$
save & exit
* means any user can to log in
if we provide username to * then only that user will gets access to log in


[root@localhost named]      service autofs restart

Automount & create more than one user at a single command


Drive Automount

root@localhost named]    vim /etc/auto.master
/misc /etc/auto.misc
copy the above line & edit like as the following --
/mountpoint to misc /etc/auto.mom
such as /momin /etc/auto.mom

root@localhost named]    vim /etc/auto.mom
* -fstype=nfs serverIP:/data (source) /test (mount point)
root@localhost named]    service autofs restart
root@localhost named]    cd /test
root@localhost named]    ls ( to see)
-----------------------------------------------------------
create more than one user at  a single command

root@localhost named]    vim myusers1
type here ----
"for u in u1 u2 u3 u4"
useradd $u
echo 123| passwd --stdir $u
passwd $u ( when he will first log in then he input a password that is his password)
save & exit
[root@localhost named]    sh myusers1 (run this command)

Create link between two files and Interface up and shutdown process

[root@localhost named]    vim /etc/sysconfig/network-scripts/ifcfg-eth0
if not shows IP till you assign IP address on lAN setup the you input IP here manually
[root@localhost named]    ifup eth0
[root@localhost named]    ifdown eth0 ( now you gets IP )
[root@localhost named]    top ( to see recent process )
[root@localhost named]    vim /etc/inittab
we can select run level by default here.

To create link between two files. 

[root@localhost named]    ln filename filename ( hard link)
[root@localhost named]    ln -il filename ( to see inode )
[root@localhost named]    ln -s filename filename ( to soft link)
[root@localhost named]    tail /etc/group ( to query a group)
[root@localhost named]    passwd -d username ( change password)
[root@localhost named]    fdisk -l ( to see windows disk both)
[root@localhost named]    shutdown -h 10 ( to shutdown pc after 10 minutes )

Run level & SElinux

[root@localhost named]    chkconfig -- list vsftpd
[root@localhost named]    service servicename status
[root@localhost named]    chkconfig --level 5 vsftpd off
[root@localhost named]    chkconfig vsftpd off
[root@localhost named]     chkconfig --level 35 vsftpd on
[root@localhost named]    chkconfig --list 

=========SElinux===========

[root@localhost named]    getenforce
[root@localhost named]    setenforce 1
[root@localhost named]    setenforce 0
[root@localhost named]    vim /etc/selinux/config

We can use this file to entry this function.

OS default=client of time server=Recover a file of linux operating system

How to set default operating system in linux

[root@localhost named]    vim /etc/grub.conf
just type here "1" for windows "0" for linux
Time server client configuration
[root@localhost named]    vim /etc/ntp.conf
just type here server IP or server name
[root@localhost named]    vim /etc/ntp/step_tickers
just type here server IP
[root@localhost named]    service ntpd restart
[root@localhost named]    system-config-data
here go to networktime tab -add -server IP-ok 

Recover a file of linux os

at first insert a CD into CD ROM the reboot the PC press "a" during booting type here "linux rescue"-

Enter

Then you should to take step as your requirement *

IP forwarding & prevent ot reply of ping----

[root@localhost named]    vim /etc/sysctl.conf

Just enable IP forwarding here by "1" /against "0" 1 for enable 0 for disable.

[root@localhost named]    sysctl -p

Ping reply prevent-------- 

[root@localhost named]    cat /proc/sys/net/icmp_echo_ignore_all (to see the status)
[root@localhost named]    echo 1 > /proc/sys/net/icmp_echo_ignore_all ( to prevent )
[root@localhost named]    echo 0 > /proc/sys/net/icmp_echo_ignore_all (to enable)
[root@localhost named]    vim /etc/sysctl.conf

Just enable this line --net.ipv4.icmp_echo_ignore_all=1

Friday, January 6, 2012

Init function & default virtual mode


[root@localhost named]    init 0 : Shutdown (goes thru the /etc/rc0.d/* scripts then halts)

[root@localhost named]    init 1 : Single user mode or emergency mode means no network no multitasking is present in this mode only root has access in this runlevel

[root@localhost named]    init 2 : No network but multitasking support is present .

[root@localhost named]    init 3 : Network is present multitasking is present but with out GUI .

[root@localhost named]    init 4 : It is similar to runlevel 3; It is reserved for other purposes in research.

[root@localhost named]    init 5 : Network is present multitasking and GUI is present with sound etc.

[root@localhost named]    init 6 : This runlevel is defined to system restart.
by default virtual mode-------
[root@localhost named]    vim /etc/inittab

replace here "3" to "5" NB: 3 for virtual 5 for multiple

[root@localhost named]    startx ( for going to graphical)

Thursday, January 5, 2012

user & group policy

Remember these------

Refault permission for directory & file

directory =777-022=755
file=666-022=644
x+suid=s or -+suid=S value=4
x+sgid=s or -+sgid=S value=2
x+stickybit=t or -+stickybit=T value=1
read=4 write=2 execute=1 total value=7


[root@localhost named]    umask 027 username
[root@localhost named]#    chmod o+rwx u+rwx g+rwx
[root@localhost named]    chown username dir/filename
[root@localhost named]    chown .groupname dir/filename
[root@localhost named]    chgrp groupname dir/filename
[root@localhost named]    chown username.groupname dir/filename

[root@localhost named]    usermod groupname,groupname,groupname username (to add a user to more additional/secondary group both)

[root@localhost named]    usermod -a -G groupname,groupname,groupname username ( to add a user that is already exist in a secondary group, to more additional/secondary group)

[root@localhost named]    groupmod -g 700 (ID) groupname ( to change group ID)

[root@localhost named]    gpasswd -M username,username,username groupname (to add one more users to a specific group both)

[root@localhost named]    finger username (to see a user information)
[root@localhost named]    usermod -s /sbin/nologin username (to detect a users shell)
[root@localhost named]    usermod -s /bin/bash username ( to add a users shell)
[root@localhost named]    usermod -l username (to lock a user)
[root@localhost named]    usermod -u username ( to unlock a user)
[root@localhost named]    usermod -G 0 username (to remove a user from his existing group)
[root@localhost named]    chage -l username (to see users change information)
[root@localhost named]    chage -e 2012-08-01 username ( to expire a user)
[root@localhost named]    chage -1 username ( to change to the previous mode)
[root@localhost named]    usermod -l newname oldname ( to change login name)
[root@localhost named]    mv /home/username (old path) /home/username ( new path) ( to change directory of a user)

[root@localhost named]    usermod -c userfullname oldname (to change users full name)

Remote installations

At first need to copy Linux OS & copy to the following path 

/var/ftp/pub 

Then need to configure FTP server to this PC

Then you can to try from another PC

Insert a Linux into CD rom & start booting 

During this time you will get a option to input server IP & path by pressing "a"

Just follow the steps there
 
Then you will see that remote installation has started, Now you can to eject the CD

Wednesday, January 4, 2012

config IP address & change computer name for installation

Open Network and sharing

center then click “

Managenetwork connections

 


Disable the network cards that
you don’t u
se to avoid error indomain installation. In thisscence, we use the wireless
adapter so we’ll disable the wired adapter